[Swan] IPSec Libreswan Fortinet
Paul Wouters
paul at nohats.ca
Sun May 7 21:36:04 EEST 2023
On Thu, 4 May 2023, Armen Dilanyan wrote:
> I am setting up IPSec between Fortinet and my Linux machine using the IKEv1 protocol.
> I need to access networks 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/23, 10.0.4.0/24, 172.16.0.0/21 which are behind the Fortinet firewall.
> When I connect Forticlient everything works. When I connect from a Linux machine, I only have access to the 172.16.0.0/21 network.
Your best bet is to copy the connection for each subnet, and add a
rightsubnet= statement to each of them to bring up separate tunnels
for each of your subnets.
Note it is strongly recommended you switch to IKEv2, see RFC-9395
https://datatracker.ietf.org/doc/html/rfc9395
Paul
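
The per-subnet layout suggested in the reply, written out as a libreswan configuration fragment. This is an added example, not part of the original post or the poster's configuration. The file path, the connection names, the peer addresses (documentation ranges), PSK authentication and the host-only local side are assumptions; the five remote subnets are the ones listed in the question.

```conf
# /etc/ipsec.d/fortinet.conf -- constructed example, hypothetical names.
# 192.0.2.10 (local host) and 203.0.113.1 (Fortinet) are placeholders.

# Shared settings. No auto= line, so this section is only a template
# and is never loaded as a tunnel of its own.
conn fortinet-base
    left=192.0.2.10
    right=203.0.113.1
    # Assumption: pre-shared key, stored in /etc/ipsec.secrets
    authby=secret
    # IKEv1, as in the original question
    ikev2=no
    # leftsubnet= omitted: the local side is the host address only

# One copy of the connection per remote subnet; only rightsubnet= differs.
conn fortinet-10-0-0-0
    also=fortinet-base
    rightsubnet=10.0.0.0/24
    auto=start

conn fortinet-10-0-1-0
    also=fortinet-base
    rightsubnet=10.0.1.0/24
    auto=start

conn fortinet-10-0-2-0
    also=fortinet-base
    rightsubnet=10.0.2.0/23
    auto=start

conn fortinet-10-0-4-0
    also=fortinet-base
    rightsubnet=10.0.4.0/24
    auto=start

conn fortinet-172-16-0-0
    also=fortinet-base
    rightsubnet=172.16.0.0/21
    auto=start
```

After loading, `ipsec trafficstatus` lists each established tunnel separately, which shows which of the five subnets actually negotiated.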